3 matches found
CVE-2026-28463
creationtimestamp| type| source ---|---|--- 2026-03-06 11:01:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgf5xp6xo62c...
CVE-2026-28463 OpenClaw < 2026.2.14 - Arbitrary File Read via Shell Expansion in Safe Bins Allowlist
OpenClaw versions prior to 2026.2.14 contain an arbitrary file read vulnerability in the exec-approvals allowlist validation that checks pre-expansion argv tokens but executes using real shell expansion. Attackers with authorization or through prompt-injection attacks can exploit safe binaries li...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-28463 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-28463 Source advisory: OSV:GHSA-XVHF-X56F-2HPP...